Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          7MN5XGF93rkiBsHjYgxvo07b0hYqCxi7KNo87G0IDW4=
Subject key identifier:   05:77:CF:E8:2D:D8:61:C7:93:5C:86:34:3F:D3:91:98:A3:4E:9D:95
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       01901DECAB4058FD5BF63E6AE6AA11562C92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0416
Signing time:             Sat 15 Jun 2024 22:02:47 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:47 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:47 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: sJeozfhinCEO900DWIqqoKnSmmLNPFHYAtHYkzY0SNQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:ab:40:58:fd:5b:f6:3e:6a:e6:aa:11:56:2c:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Jun 15 22:02:47 2024 GMT
            Not After : Jun 16 22:02:47 2024 GMT
        Subject: CN=0577cfe82dd861c7935c86343fd39198a34e9d95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:63:8c:3a:b3:b0:2c:9f:6c:da:e9:c5:fe:66:
                    b0:a5:e9:8a:3c:49:bd:1d:50:cb:b4:f2:9d:68:8a:
                    bd:58:0e:a5:c7:6e:73:a4:a2:e1:0c:50:7c:30:14:
                    b6:f3:ab:13:17:03:ac:cb:ee:73:dc:6b:50:64:5b:
                    ad:b3:ae:e5:a2:3f:7a:ef:c5:c3:31:eb:2b:68:ef:
                    45:ee:42:cf:fa:6f:16:23:0d:2b:e3:86:07:7f:0a:
                    ff:3c:da:8e:1d:46:29:f5:38:f4:85:53:a1:9d:92:
                    a2:72:47:e5:e9:33:6e:06:ba:7b:68:4b:48:d1:0f:
                    9e:19:c4:30:ff:a2:ae:d9:37:14:00:68:21:60:f6:
                    d0:cf:49:5a:6f:90:7f:93:69:c9:c5:fb:2f:0f:c6:
                    52:0e:65:97:40:9e:49:9f:a0:11:84:af:d3:de:d4:
                    fe:5b:fc:5d:e9:ad:60:96:40:ee:5d:b6:b7:f2:9f:
                    b5:0a:dc:4c:cb:39:8f:1b:3c:d5:b1:ce:9c:d4:b3:
                    be:6d:e7:95:b0:7e:05:be:26:c1:e3:69:7a:17:cf:
                    9c:18:fa:72:8f:9d:72:cb:d2:53:8f:d9:dd:15:2b:
                    b5:aa:f5:62:ee:7b:69:37:cb:59:92:2f:3d:cd:f7:
                    d0:3d:10:1f:a6:59:b8:c3:b5:f9:47:2b:45:12:72:
                    03:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:77:CF:E8:2D:D8:61:C7:93:5C:86:34:3F:D3:91:98:A3:4E:9D:95
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:6e:9b:f0:b2:94:22:81:cc:19:09:cd:89:32:5c:ab:fb:7e:
         77:30:ef:d9:b3:9b:82:35:4c:c6:1c:00:9f:50:14:a5:bf:29:
         45:53:14:14:8f:69:69:9e:00:2b:2a:b1:5b:e2:62:98:d8:6c:
         cb:65:cd:8e:39:62:12:86:35:bf:ad:33:07:34:f6:e0:43:f1:
         47:26:32:d1:9d:78:7c:31:b9:d5:d7:d8:2c:94:6e:db:da:2d:
         d5:20:02:01:39:ab:e6:a8:b4:6b:61:0b:f2:00:22:05:32:45:
         e8:5a:06:bc:e1:70:74:22:7d:7f:36:2b:e4:ae:80:18:87:97:
         b5:12:bd:67:24:b4:23:a7:b6:83:a0:6e:3b:03:d9:ac:67:cc:
         b6:cf:c8:78:e8:24:3e:07:96:62:77:4d:e2:84:ad:d9:e6:fd:
         5a:44:7e:37:42:1a:a2:42:6c:cf:dc:65:92:0d:45:de:f4:d7:
         22:2f:dd:64:4e:68:02:d2:2f:1b:58:8c:68:ec:62:81:3d:13:
         14:46:4b:e5:89:6c:ad:f6:aa:e6:6a:2a:52:7e:6c:88:2b:0e:
         a1:5c:8b:58:f3:e0:b6:ba:06:dc:db:7f:9d:a9:4a:a3:79:80:
         d0:3e:11:1d:75:37:ce:ac:13:bc:b2:05:39:d7:b6:d2:5b:60:
         5c:b6:a9:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7KtAWP1b9j5q5qoRViySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjQwNjE1MjIwMjQ3WhcNMjQwNjE2MjIwMjQ3WjAzMTEwLwYDVQQD
EygwNTc3Y2ZlODJkZDg2MWM3OTM1Yzg2MzQzZmQzOTE5OGEzNGU5ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WOMOrOwLJ9s2unF/mawpemKPEm9
HVDLtPKdaIq9WA6lx25zpKLhDFB8MBS286sTFwOsy+5z3GtQZFuts67loj9678XD
MesraO9F7kLP+m8WIw0r44YHfwr/PNqOHUYp9Tj0hVOhnZKickfl6TNuBrp7aEtI
0Q+eGcQw/6Ku2TcUAGghYPbQz0lab5B/k2nJxfsvD8ZSDmWXQJ5Jn6ARhK/T3tT+
W/xd6a1glkDuXba38p+1CtxMyzmPGzzVsc6c1LO+beeVsH4FvibB42l6F8+cGPpy
j51yy9JTj9ndFSu1qvVi7ntpN8tZki89zffQPRAfplm4w7X5RytFEnID5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAV3z+gt2GHHk1yGND/TkZijTp2VMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC26b8LKU
IoHMGQnNiTJcq/t+dzDv2bObgjVMxhwAn1AUpb8pRVMUFI9paZ4AKyqxW+JimNhs
y2XNjjliEoY1v60zBzT24EPxRyYy0Z14fDG51dfYLJRu29ot1SACATmr5qi0a2EL
8gAiBTJF6FoGvOFwdCJ9fzYr5K6AGIeXtRK9ZyS0I6e2g6BuOwPZrGfMts/IeOgk
PgeWYndN4oSt2eb9WkR+N0IaokJsz9xlkg1F3vTXIi/dZE5oAtIvG1iMaOxigT0T
FEZL5Ylsrfaq5moqUn5siCsOoVyLWPPgtroG3Nt/nalKo3mA0D4RHXU3zqwTvLIF
Ode20ltgXLapfQ==
-----END CERTIFICATE-----